CLAIM AMENDMENTS

Listing of Claims:

What is claimed is

1. (currently amended) A method comprising providing a secret cryptographic key (sk) and a public cryptographic key (pk) applicable in a network of connected computer nodes using a signature scheme, the method being executable by a first computer node and the step of providing comprising the steps of:
- generating the secret cryptographic key (sk) by
  - selecting two random factor values (P, Q),
  - multiplying the two selected random factor values (P, Q) to obtain a modulus value (N), and
  - selecting a secret base value (g', h', x') in dependence on the modulus value (N), wherein the secret base value (g', h', x') forms part of the secret cryptographic key fer h^)\
- generating the public cryptographic key (pk) by
  - selecting a number (l) of exponent values (e_1, ..., e_l), and
  - deriving a public base value (g, h, x) from the exponent values (e_1, ..., e_l) and the secret base value (g', h', x'), wherein the public base value (g, h, x) and the modulus value (N) form part of the public cryptographic key (g, h, x, N);
- deleting the two random factor values (P, Q); and
- providing the public cryptographic key (g, h, x, N) within the network;
such that the public cryptographic key (g, h, x, N) and at least one of the selected exponent values is usable for verifying a signature value (i, y, a) on a message (m) to be sent within the network to a second computer node for verification.

2. (currently amended) The method according to claim 1, further comprising providing a description of the exponent values (e_1, ..., e_l) within the network.

3. (currently amended) The method according to claim 1, further comprising defining an order of the selected exponent values (e_1, ..., e_l) for enabling to communicate the validity of the signature value (i, y, a) in the event of a detected intrusion.

4. (currently amended) A method comprising providing a signature value (i, y, a) on a message (m) in a network of connected computer nodes, the method being executable by a first computer node and the step of providing comprising the steps of:
- selecting a first signature element (a);
- selecting a signature exponent value (e_i) from a number (l) of exponent values (e_1, ..., e_l); and
- deriving a second signature element (y) from a provided secret cryptographic key (g'_i, h'_i, x'_i), the message (m), and the number (l) of exponent values (e_1, ..., e_l) such that the first signature element (a), the second signature element (y), and the signature exponent value (e_i) satisfy a known relationship with the message (m) and a provided public cryptographic key (g, h, x, N), wherein the signature value (i, y, a) comprises the first signature element (a), the second signature element (y), and a signature reference (i) to the signature exponent value (e_i),
the signature value (i, y, a) being sendable within the network to a second computer node for verification.

5. (currently amended) The method according to claim 4, wherein the step of deriving a second signature element (y) further comprises deriving a signature base value (g_i, h_i, x_i) using a provided public cryptographic key (g, h, x, N), the provided secret cryptographic key (g'_i, h'_i, x'_i), and the exponent values (e_1, ..., e_l).

6. (currently amended) The method according to claim 4, further comprising deriving a new secret cryptographic key (g^i, from the provided secret cryptographic key (g'_i, h'_i, x'_i) and the selected signature exponent value (e_i).

7. (currently amended) A method comprising verifying a signature value (i, y, a) on a message (m) in a network of connected computer nodes, the method being executable by a second computer node and the step of verifying comprising the steps of:
- receiving the signature value (i, y, a) from a first computer node;
- deriving a signature exponent value (e_i) from the signature value (i, y, a); and
- verifying whether the signature exponent value (e_i) and part of the signature value (y, a) satisfy a known relationship with the message (m) and a provided public cryptographic key (g, h, x, N), otherwise refusing the signature value (i, y, a),
wherein the signature value (i, y, a) was generated from a first signature element (a), a number (l) of exponent values (e_1, ..., e_l), a provided secret cryptographic key (g'_i, h'_i, x'_i), and the message (m).

8. (currently amended) A method comprising communicating within a network of connected computer nodes the validity of a signature value (i, y, a) in the event of an exposure of a secret cryptographic key (sk) relating to the signature value (i, y, a), the step of communicating comprising the steps of:
- defining an order of exponent values (e_1, ..., e_l);
- publishing a description of the exponent values (e_1, ..., e_l) and the order of the exponent values (e_1, ..., e_l) within the network;
- publishing a revocation reference (j) to one of the exponent values (e_1, ..., e_l) within the network such that the validity of the signature value (i, y, a) is determinable by using the revocation reference, the order of exponent values (e_1, ..., e_l), and a provided public cryptographic key (pk).

9. (currently amended) The method according to any preceding claim further comprising applying each of the exponent values to at most one signature value.

10. (currently amended) A computer program element comprising program code means for performing the method of claim 1 when said program is run on a computer.

11. (currently amended) A computer program product stored on a computer usable medium, comprising computer readable program means for causing a computer to perform the method according to claim 1.

12. (currently amended) A network device ^) comprising:
- a computer program product according to claim 11;
- a processor for executing the method;
- the processor having access to exchanged messages in the network.

13. (new) The method according to claim 4, further comprising applying each of the exponent values to at most one signature value.

14. (new) The method according to claim 7, further comprising applying each of the exponent values to at most one signature value.

15. (new) The method according to claim 8, further comprising applying each of the exponent values to at most one signature value.

16. (new) A computer program element comprising program code means for performing the method of claim 4, when said program is run on a computer.

17. (new) A computer program product stored on a computer usable medium, comprising computer readable program means for causing a computer to perform a method according to claim 4.

18. (new) A computer program element comprising program code means for performing the method of claim 7, when said program is run on a computer.



19. (new) A computer program product stored on a computer usable medium, comprising 
computer readable program means for causing a computer to perform a method according 
to claim 7. 

20. (new) A computer program element comprising program code means for performing the 
method of claim 8, when said program is run on a computer. 

21. (new) A computer program product stored on a computer usable medium, comprising 
computer readable program means for causing a computer to perform a method according 
to claim 8. 

22. (new) A computer program product comprising a computer usable medium having 
computer readable program code means embodied therein for causing functions of a 
network device, the computer readable program code means in said computer program 
product comprising computer readable program code means for causing a computer to 
effect the functions of claim 12. 



Docket No.: CH920020013US1 






